package com.automannn.sso.config;

import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.context.annotation.Profile;
import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.builders.WebSecurity;
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
import org.springframework.security.web.SecurityFilterChain;

/**
 * @author automannn
 * @Date 2025/6/26
 */
//@Configuration
//@Profile("social")
public class SocialClientSecurityConfig extends WebSecurityConfigurerAdapter {

    @Override
    //配置哪些请求应该被忽略，即不需要通过Spring Security过滤器链进行处理
    public void configure(WebSecurity web) throws Exception {
        web.ignoring().antMatchers("/resources/**","/static/**","/css/**","/js/**","/images/**");
    }

    @Override
    //配置基于HTTP的特定安全选项，包括但不限于认证机制、授权规则、HTTPS要求、CSRF保护、Session管理等
    protected void configure(HttpSecurity http) throws Exception {
        super.configure(http);
    }

    @Override
    //配置用户认证相关的设置，包括但不限于内存中的用户、JDBC用户存储、LDAP以及使用自定义的UserDetailsService实现
    protected void configure(AuthenticationManagerBuilder auth) throws Exception {
//        auth
//                .inMemoryAuthentication()
//                .withUser("user").password("{noop}password").roles("USER")
//                .and()
//                .withUser("admin").password("{noop}admin").roles("ADMIN");
    }

}
